Elliott Mitchell [Thu, 29 Aug 2019 03:12:50 +0000 (20:12 -0700)]
fdisk: Correct handling of hybrid MBR
The traditional MBR has pretty well NO limitations on slices. They can
be a single misaligned sector if desired. While this is undesireable
for most real world uses, for the few places they're still used extra
limitations cause breakage not safety.
Karel Zak [Mon, 30 Sep 2019 11:11:17 +0000 (13:11 +0200)]
fdisk: use 'r' to return from MBR to GPT
The current code uses 'M' to switch between MBR and GPT, but it's not
intuitive to "go back" by 'M'. It seems more user-friendly to use 'r'
as in another places (for example when go from expert menu or from BRD
menu).
The 'M' to return to GPT is still supported for backward compatibility.
Addresses: https://github.com/karelzak/util-linux/pull/849 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Mon, 30 Sep 2019 09:12:35 +0000 (11:12 +0200)]
Merge branch 'nproc' of https://github.com/mator/util-linux
* 'nproc' of https://github.com/mator/util-linux:
Don't use `nproc --all` for getting cpu number. For example below, sparc64 is reporting 128 as a total, but only 32 is online. So use only online cpus for tests parallel runs.
Daniel Drake [Tue, 24 Sep 2019 09:46:16 +0000 (17:46 +0800)]
libblkid: improve handling of ISO files with partition tables
The ISO format specifically leaves the first 32kb blank so that it
can be used for other purposes, such as adding a partition table.
This is commonly used (e.g. by Endless and Fedora installation media) to
have partition 0 starting at sector 0 as a mountable iso9660 filesystem,
followed by more partitions (e.g. an EFI system partition).
Such layouts can be easily created by tools such as xorriso.
When plugging in a USB disk flashed with this type of ISO, blkid presents
a somewhat confusing view of the block devices. Taking the example of
a 'sda' disk with two partitions:
1. The "iso partition"
2. An unformatted partition
In such a setup, before the changes here, blkid will currently report the
ISO metadata attributes ID_FS_PUBLISHER_ID, ID_FS_UUID, ID_FS_LABEL, and
ID_FS_TYPE=iso9660 on both sda *and* sda1.
Since sda2 is unformatted, it won't have any ID_FS_ attributes of it's
own. And due to the following standard udev rule:
# for partitions import parent information
ENV{DEVTYPE}=="partition", IMPORT{parent}="ID_*"
sda2 will actually import all of the ID_FS_ stuff from the parent device
sda.
The result at this point is that three udev devices all have the same
ID_FS_ attribute values, leading to strange results such as three
devices all racing to own the link in /dev/disk/by-uuid, so you can't
reliably do a mount-by-UUID.
Clean up this situation by detecting such partitioned ISO disks
in the superblock probing setup. If files of this kind are detected,
we now only expose the ISO metadata attributes on the specific partition
that points to the ISO data (and not the parent disk).
Don't use `nproc --all` for getting cpu number. For example below,
sparc64 is reporting 128 as a total, but only 32 is online. So use only
online cpus for tests parallel runs.
$ nproc
32
$ nproc --all
128
$ lscpu
Architecture: sparc64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Big Endian
CPU(s): 32
On-line CPU(s) list: 0-31
Thread(s) per core: 8
Core(s) per socket: 4
Socket(s): 1
Model name: UltraSparc T5 (Niagara5)
Flags: sun4v
It is desirable for bash-completion to complete block devices via
symlinks (e.g. under /dev/disk) and with non-canonical locations (e.g.
./sda if $PWD is /dev, and /chroot/dev/sda).
Unfortunately, this is a non-trivial task due to how bash-completion
works. It is necessary to un-escape the last partial argument, search,
then escape the results, ideally handling tilde and variable
expansion/completion. See [_get_comp_words_by_ref] and [_filedir] in
the bash-completion project for details.
Given the development costs of a complete and correct implementation,
the annoyance/frustration which would result from an incomplete/buggy
implementation, and the trade-offs between under- and over-completion,
this commit adds fallback to bash default completion if the argument
does not match any canonical device names. This correctly completes in
the cases mentioned above, although it incorrectly completes on
non-block-device files as well.
Kevin Locke [Thu, 19 Sep 2019 13:40:13 +0000 (07:40 -0600)]
bash-completion: Add fallback for symlinks/images
For commands which support operating on files (i.e. disk images), it is
desirable for bash-completion to complete matching file names. It is
also desirable to complete on block device symlinks (e.g. under
/dev/disk). To complete common use cases, often on canonical device
names, continue to try completion using canonical device names, then
fall back to matching any file incrementally as Bash does by default.[1]
Some of the fsck and mkfs commands complete differently than the others,
and differently than the desired behavior.[1] Standardize on completing
with $(lsblk -pnro name):
* fsck: Don't complete completes on all block devices and device links
under /dev immediately (which is excessive and prone to search
problems).
* mkfs, mkfs.bfs: Don't complete "/path/to/file" literally. I assume
this was copy/pasted from example code, since it does not appear to be
a valid argument unless it is a valid path, which is rare.
* fsck.cramfs, mkfs, mkfs.bfs, mkfs.cramfs, mkswap: Don't complete on
all filenames initially. The desired behavior is to complete
filenames only if there are no canonical matches.[1]
Note: A subsequent commit will add the desired fallback behavior.
Karel Zak [Tue, 10 Sep 2019 10:14:25 +0000 (12:14 +0200)]
setterm: cleanup usage() and man page
usage:
* use --option[=<argument>] to make it obvious that '=' is required
* don't use [ ] for required arguments
* add separators to make it more readable
man page
* use --option=[<argument>] for optional arguments in man page
* don't use \fI or \fB for keywords based arguments (on|off|default ...)
* use the same style in all man page
James Peach [Thu, 17 Jan 2019 22:16:54 +0000 (14:16 -0800)]
unshare: add --keep-caps option
Add the --keep-caps option to unshare to preserve capabilities that
are granted when creating a new user namespace. This allows the child
process to retain privilege within the new user namespace without also
being UID 0.
James Peach [Thu, 17 Jan 2019 22:17:54 +0000 (14:17 -0800)]
unshare: add --map-current-user option
Add the --map-current-user option to unshare. This option maps the
current effective UID and GID in the new user namespace so that the
inner and outer credentials match.
Karel Zak [Fri, 6 Sep 2019 11:53:50 +0000 (13:53 +0200)]
sfdisk: (--move-data) keep step size based on optimal I/O
The current implementation is too paranoid and tries to keep in
memory only data which are on disk too. It means very small step size
when move partition only a few sectors left/right.
This patch enlarge the buffer to at least 1MiB and aligned to optimal
I/O.
Addresses: https://github.com/karelzak/util-linux/issues/848 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Fri, 6 Sep 2019 11:09:30 +0000 (13:09 +0200)]
libfdisk: use grain as small as possible
The current implementation does not allow to move partition for
example in +/-1 sector range, because free space analyze is by default
based on regular grain used for partitioning (=1MiB).
This patch extends libblkid, so that it reports filesystem block size.
When blkid returns a specific number in the BLOCK_SIZE attribute, it
guarantees that all the bios submitted by the filesystem are aligned on
this boundary.
We need this because when we want to enable dm-integrity or dm-writecache
on an existing filesystem, we need to know filesystem block size, so that
dm-integrity or dm-writecache is initialized with matching block size.
We could always use block size 512 for dm-integrity and dm-writecache, but
that would cause metadata overhead and performance degradation. On the
other hand, if we used block size 4096, it would fail if the filesystem
has smaller blocksize.
[kzak@redhat.com: - move vfat BLOCK_SIZE to probing function
- remove unwanted debug fprintf from ZFS prober]
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Signed-off-by: Karel Zak <kzak@redhat.com>
include/closestream: fix assignment to read-only standard streams
In order to avoid closing standard streams multiple times, commit 52aa1a661 (include/closestream: avoid close more than once, 2019-06-13)
introduced code to set the standard output and error streams to `NULL`.
As musl libc defines standard streams as constant pointers, the change
causes compiler errors on systems with that libc. According to ISO C89,
being able to assign to the standard text streams is not a requirement
for any C implementation, see footnote 238 in chapter §7.19.5.6:
The primary use of the freopen function is to change the file
associated with a standard text stream (stderr, stdin, or stdout),
as those identifiers need not be modifiable lvalues to which the
value returned by the fopen function may be assigned.
This commit implements a new function `flush_standard_stream` that tries
to reliably flush standard streams without actually closing them. By not
calling fclose(3P), we can neatly avoid the issue of accessing standard
streams in an unspecified state and thus remove the infringing `NULL`
assignments.
Properly flushing standard streams without fclose(3P) proves to be more
intricate than one may expect, though, as some filesystems like NFS may
defer flushing until they see a close(3P) of the underlying descriptor.
One may call fsync(3P) to remedy that, but this may incur a heavy
performance penalty in some scenarios. To work around the issue and
still get proper errors, we duplicate the stream's file descriptor and
close that one instead, which is sufficient to cause a flush.
Note that both `close_stdout` and `close_stdout_atexit` are misnamed
after this change, as we do not actually close the streams now. In order
to avoid unnecessary code churn, we still retain their current names.
Karel Zak [Thu, 29 Aug 2019 13:50:58 +0000 (15:50 +0200)]
libmount; fix and improve read+poll mountinfo
* fix read() buffer size (stupid bug...)
* split read() EINTR and poll() based attempts
* use 100 attempts
* wait 10000 usec between attempts, but first 10 attempts are without
this delay. It makes the function usable for usual use-cases as well
as on very busy systems (successfully tested with 300 concurrent
mount/umount processes)
Karel Zak [Wed, 28 Aug 2019 13:47:16 +0000 (15:47 +0200)]
libmount: improve mountinfo reliability
The standard way how we read mount table is not reliable because
during the read() syscalls the table may be modified by some another
process. The changes in the table is possible to detect by poll()
event, and in this case it seems better to lseek to the begin of the file
and read it again. It's expensive, but better than races...
This patch does not modify mountinfo parser, but it reads all file to
memory (by read()+poll()) and than it creates memory stream
from the buffer and use it rather than a regular file stream.
It means the parser is still possible to use for normal files
(e.g. fstab) as well as for mountinfo and it's also portable to
systems where for some reason is no fmemopen().
Note that re-read after poll() event is limited to 5 attempts (but
successful read() without event zeroize the counter). It's because we
do not want to wait for consistent mountinfo for ever. It seems better
to use old (less reliable) way than hang up in read()+poll()
loop.
Addresses: https://github.com/systemd/systemd/issues/10872 Reported-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> Signed-off-by: Karel Zak <kzak@redhat.com>
Triggered by commit f612c4c67 (tests: fix --unbuffered mode with
ASAN, 2019-08-27), which says:
Well, this patch sucks. It would be nice to have things in
the way how it has been original expected by Patrick's patch,
but ...
So this commit here effectively reverts it and instead tries to
improve the shortcomings of the original patch. First, it uses
env(1) to set ASAN_OPTIONS instead of directly adding it to the
args array to fix execution of "${args[@]}" "$@".
Second, it now supports both unbuffer(1) and stdbuf(1). The
latter uses LD_PRELOAD tricks, which doesn't play nicely with
ASAN, so it will not be used if ASAN has been requested. It's
still valuable to have support for both, as many more systems
will have stdbuf(1) from coreutils installed but not unbuffer(1)
from expect.
The test fdisk/oddinput hardcodes strings returned by strerror(3P) for
both the errors ENOENT and ENOTTY. As these strings are unportable,
convert the tests to use the test_strerror helper instead to convert
them with sed(1).
Karel Zak [Tue, 27 Aug 2019 11:02:38 +0000 (13:02 +0200)]
tests: fix --unbuffered mode with ASAN
Unfortunately, ASAN is pretty sensitive to LD_PRELOAD, but stdbuf from
coreutils is based on LD_PRELOAD. So, I have replaced stdbuf with
unbuffer (from expect pkg).
The another problem is "${args[@]}" "$@" which does not work as expected.
Well, this patch sucks. It would be nice to have things in the way
how it has been original expected by Patrick's patch, but ...
Karel Zak [Tue, 27 Aug 2019 08:11:02 +0000 (10:11 +0200)]
Merge branch '2019wk33' of https://github.com/kerolasa/util-linux
* '2019wk33' of https://github.com/kerolasa/util-linux:
docs: try to find broken man references and fix them
docs: correct su.1 runuser reference from section 8 to 1
po: remove possibility to translate static option arguments
The col/multibyte test has a hardcoded error string as part of its
expected output that is returned by glibc's strerror(3P) function. Even
though many of these strings are the same across libc implementations,
they are not standardiced and some are certainly different. One example
is the string for EILSEQ on musl libc.
To fix this, we introduce a new test helper "test_strerror". The helper
can be invoked with an error code like "EILSEQ", which will cause it to
print out the the respective error message for that code. Note that
"test_strerror" cannot act on the error's value (e.g. 84 for EILSEQ), as
these aren't standardized either. Instead, we thus need to have an array
of the error's string representation ("EILSEQ") to its respective error
code (the define EILSEQ). The array can trivially be extended as
required, thus it is only sparsely populated with EILSEQ right now.
To fix the col/multibyte test, we introduce a call to sed(1) to replace
the strerror(3P) message from EILSEQ with "EILSEQ". Furthermore, as
we're running tests with the POSIX locale by default which treats all
bytes as valid multibyte sequences, we have to change to the C.UTF-8
locale instead to actually get an error.
tests: (column) use actually invalid multibytes to test encoding
If reading an invalid multibyte sequence, column(1) will encode the byte
as "\x<hex>" instead. The tests try to verify that by piping "£" into
column(1). As the tests run with LC_ALL=POSIX by default, though, libc
implementations strictly adhering to the POSIX standard will treat all
characters as valid multibyte characters. As a consequence, no EILSEQ is
raised by mbtowc(3P) and the character is not encoded as hex, breaking
the test.
Fix this by setting LC_ALL=C.UTF-8. As "£" is a valid UTF-8 character,
we also change the test to use a proper illegal multibyte sequence.
tests: (colcrt) fix reliance on EILSEQ in POSIX locale
The input file "crash1" in the colcrt/regressions test contains the
illegal byte sequence "\x94\x7e". While "\x7e" is '~', "\x94" is not a
valid character. Thus, the test assumes that getwc(3P) will return
`WEOF` and set `errno=EILSEQ`, causing colcrt(1) to abort reading the
stream and thus not print the trailing '~'.
This assumption holds just fine for glibc as it will dutifully report
EILSEQ, but musl libc will happily read the complete stream without
complaining about the illegal character. But in fact, as tests run with
LC_ALL=POSIX by default, glibc's behaviour is wrong while musl is right.
Quoting mbrtowc(3P) from POSIX.1-2017:
[EILSEQ] An invalid character sequence is detected. In the POSIX locale an
[EILSEQ] error cannot occur since all byte values are valid
characters.
Fix the issue by running the colcrt tests with C.UTF8 locale.
tests: (libfdisk) remove reliance on buffer behaviour of standard streams
The tests in libfdisk/mkpart-full all rely on the buffering behaviour of
standard output and standard error streams, most importantly that stderr
is non-buffering and stdout is buffering. This doesn't hold on all libc
implementations when redirecting to a file, breaking the test suite on
such platforms.
Use `ts_run --unbuffered` to stop buffering of the standard output
stream to fix this.
tests: remove reliance on buffer behaviour of stderr/stdout streams
In the test cases "rename::exit_codes" and "rename::exit_codes", we rely
on the flushing behaviour of stderr and stdout streams relative to each
other. Streams in glibc will not flush on newlines if stdout is pointing
to a non-TTY file descriptor, but relying on this is fragile and may
break on systems with a different behaviour like musl libc.
Fix this by introducing a new parameter "--unbuffered" to `ts_run`. If
this parameter is passed and stdbuf(1) from coreutils is available, then
it will use it to disable buffering of standard output completely. Like
this, we can selectively run tests with this if ordering of messages
from stdout and stderr is being checked.